SAP-C01 (Page 12)

You are developing a new mobile application and are considering storing user preferences in AWS.2w This would provide a more uniform cross-device experience to users using multiple mobile devices to access the application. The preference data for each user is estimated to be 50KB in size Additionally 5 million customers are expected to use the application on a regular basis.The solution needs to be cost-effective, highly available, scalable and secure, how would you design a solution to meet the above requirements?Read More →

You have an application running on an EC2 Instance which will allow users to download flies from a private S3 bucket using a pre-signed URL. Before generating the URL the application should verify the existence of the file in S3.How should the application use AWS credentials to access the S3 bucket securely?Read More →

Your company has recently extended its datacenter into a VPC on AWS to add burst computing capacity as needed Members of your Network Operations Center need to be able to go to the AWS Management Console and administer Amazon EC2 instances as necessary. You don’t want to create new IAM users for eachNOC member and make those users sign in again to the AWS Management Console.Which option below will meet the needs for your NOC members?Read More →

An administrator is using Amazon CloudFormation to deploy a three tier web application that consists of a web tier and application tier that will utilize AmazonDynamoDB for storage when creating the CloudFormation template.Which of the following would allow the application instance access to the DynamoDB tables without exposing API credentials?Read More →

You’ve been brought in as solutions architect to assist an enterprise customer with their migration of an e-commerce platform to Amazon Virtual Private Cloud(VPC) The previous architect has already deployed a 3-tier VPC.The configuration is as follows:VPC: vpc-2f8bc447 -IGW: igw-2d8bc445 -NACL: ad-208bc448 -Subnets and Route Tables:Web servers: subnet-258bc44d -Application servers: subnet-248bc44cDatabase servers: subnet-9189c6f9Route Tables:rrb-218bc449rtb-238bc44bAssociations:subnet-258bc44d : rtb-218bc449subnet-248bc44c : rtb-238bc44bsubnet-9189c6f9 : rtb-238bc44bYou are now ready to begin deploying EC2 instances into the VPC  Web servers must have direct access to the internet Application and database servers cannot have direct access to the internet.Which configuration below will allow you the ability to remotely administer your application and database servers, as well as allow these servers to retrieve updates from the Internet?Read More →

Your company hosts a social media site supporting users in multiple countries. You have been asked to provide a highly available design tor the application that leverages multiple regions tor the most recently accessed content and latency sensitive portions of the wet) site The most latency sensitive component of the application involves reading user preferences to support web site personalization and ad selection.In addition to running your application in multiple regions, which option will support this application’s requirements?Read More →

A company has built a high performance computing (HPC) cluster in AWS for a tightly coupled workload that generates a large number of shared files stored inAmazon EFS.The cluster was performing well when the number of Amazon EC2 instances in the cluster was 100.However, when the company increased the cluster size to 1,000 EC2 instances, overall performance was well below expectations.Which collection of design choices should a solutions architect make to achieve the maximum performance from the HPC cluster? (Choose three.)Read More →

A solutions architect is implementing infrastructure as code for a two-tier web application in an AWS CloudFormation template.The web frontend application will be deployed on Amazon EC2 instances in an Auto Scaling group.The backend database will be an Amazon RDS for MySQL DB instance.The database password will be rotated every 60 days.How can the solutions architect MOST securely manage the configuration of the application’s database credentials?Read More →

During a security audit of a Service team’s application, a Solutions Architect discovers that a username and password for an Amazon RDS database and a set ofAWS IAM user credentials can be viewed in the AWS Lambda function code.The Lambda function uses the username and password to run queries on the database, and it uses the IAM credentials to call AWS services in a separate management account.The Solutions Architect is concerned that the credentials could grant inappropriate access to anyone who can view the Lambda code.The management account and the Service team’s account are in separate AWS Organizations organizational units (OUs).Which combination of changes should the Solutions Architect make to improve the solution’s security? (Choose two.)Read More →

A company is having issues with a newly deployed serverless infrastructure that uses Amazon API Gateway, Amazon Lambda, and Amazon DynamoDB.In a steady state, the application performs as expected.However, during peak load, tens of thousands of simultaneous invocations are needed and user requests fail multiple times before succeeding.The company has checked the logs for each component, focusing specifically on Amazon CloudWatch Logs for Lambda.There are no errors logged by the services or applications.What might cause this problem?Read More →